Vault 7, Year Zero part 2. We’ve so far had a total of five releases from Wikileaks under the name of “Vault 7” and, although it’s all pretty much just documentation, one can still work out the innards and its impact. Most of it is old hacks and technologies, but some were still current – as we saw when the likes of Microsoft and Apple quickly released large patches in order to fix some of the most serious bugs that our “protectors” in The Five Eyes were using on a daily basis to penetrate target computers in order to extract whatever information they were after. Getting hold of electronic information isn’t as easy as it used to be, and today even total amateurs can easily secure a computer to make it virtually impossible to hack or otherwise compromise. Standard encryption software can produce encryption strong enough that even the NSA can’t crack it, and that’s a big problem for the intelligence community. They pretty much survive on breaking in between the layers and gaining access at the user level, thereby bypassing the strong encryption. I fully understand the need for these agencies to gain access to some information in order to stop certain shady terrorist organisations from carrying out their activities, and this I’m sure most people agree with – even the die-hard anti-NSA/CIA/GCHQ/etc. people. What I don’t agree with is their wideband “read everything just in case” philosophy, hoping to find something by pure luck or by crawling everything they get their hands on.
I’m also not happy with these organisations using severe vulnerabilities to penetrate people’s computers without reporting them to the vendors, because if these agencies can find these vulnerabilities, the bad people can also find them – let’s face it, they are often better at what they do than these agencies… (or worse, they are on the payroll of these agencies, which is exactly why we have these leaks today: the agencies have employed shady people who copied all they could get their hands on just for fun, and for bragging rights…) I’d like to have a system where the vendors could work with the agencies in order to secure information and data regarding criminals and terrorists, but our agencies have shown again, and again, that they are too greedy and that their...

Vault 7, Year Zero Unless you live under a rock, no one could have missed the headlines in the news stating the fact that a bunch of documents and hacking tools, stolen from CIA, had been handed over to Wikileaks, who have now released the first part in a partly censored form. It was censored to hide the identities of the CIA staff, but also censored in order to not spread the actual tools of the trade that allowed the likes of CIA, GCHQ and such to hack Joe Public as and when they see fit. Wikileaks asked people what they should do with the actual tools – Release them? Throw them away? Or release them to the tech companies first so they can patch all vulnerabilities – and then release it all to the public? I voted for the latter and this is also what’s happening. It is safe to say that CIA’s been in crisis meetings ever since Wikileaks released the password to the encrypted ~500MB file they previously made public. The password was “SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds”, which is a quote by President John F. Kennedy, which he gave to a journalist sometime in 1966 – shortly before he was assassinated – and it was referring to CIA and a possible black flag operation directed towards Cuba that JFK didn’t approve. It is clear that some people don’t approve of CIA’s actions and operations, hence the old quote. Intranet Wiki So what was this dump then? Well, there’s been a lot written about this in the media and virtually no one knows anything about what they are talking about… The ~500MB 7z file that was released by Wikileaks is a copy of CIA’s IOC internal Confluence wiki – i.e. their intranet and its live documentation – including all attachments like pictures, PDFs, archives (gzipped/zipped files) and binaries. One benefit of Confluence as an internal wiki for any company or organisation is that it’s simple, powerful – and pretty portable, since it doesn’t need a fancy web server with extensions to run.
The downside is that it is very simple to just copy as long as you have read access – and the boys & girls employed at these shady locations can easily acquire read access even if they’re not supposed to… Why this happened is simply because government players like CIA, GCHQ, NSA and...

Internet of Things, Distributed Denial of Service – botnet script kiddies or more sinister players? I doubt few missed the massive outage a few days ago when Dyn’s DNS service was rendered useless by a massive DDoS attack. What made it worse is that many of the big players (Twitter, PSN, GitHub etc.) had put all their eggs in the same basket and had no alternate DNS, and thus disappeared from the internet. I for one...

a working pentest for dummies in a little box! Stumbled across a neat little project on Reddit the other day and I liked it so much I wanted to share! Pentesting is something I’ve been doing for many years, and although a lot can be automated – much is manual work. That’s how I do it anyway, and that has always given me full control and the ability to act upon whatever I find throughout the session. The...